Bardzo prosze o sprawdzenie loga
Logfile of HijackThis v1.99.1
Scan saved at 23:32:41, on 2005–04–30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
E:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
E:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
E:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
E:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\Program Files\Gadu–Gadu\gg.exe
E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Documents and Settings\Marcin\Pulpit\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.zetosa.pl/proxy.pac
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: myBar BHO – {0494D0D1–F8E0–41ad–92A3–14154ECE70AC} – C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – E:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: InstaFinderK – {4E7BD74F–2B8D–469E–90F0–F66AB581A933} – C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – E:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 – BHO: TGTSoft Explorer Toolbar Changer – {C333CF63–767F–4831–94AC–E683D962C63C} – C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – E:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: My &Search Bar – {0494D0D9–F8E0–41ad–92A3–14154ECE70AC} – C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Norton SystemWorks] "E:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD–5CC4–4ceb–AAAF–CF00BF39736A} /MODE CfgWiz
O4 – HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe –Hide
O4 – Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: GStartup.lnk = C:\RECYCLER\NPROTECT\00016249.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: Norton GoBack.lnk = E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 – DPF: {1D6711C8–7154–40BB–8380–3DEA45B69CBF} (Web P2P Installer) –
O17 – HKLM\System\CCS\Services\Tcpip\..\{65396EF7–DBE3–448D–99B0–A52AC75AF6DA}: NameServer = 80.85.224.2,80.85.224.50
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: GoBack Polling Service (GBPoll) – Symantec Corporation – E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 – Service: Norton AntiVirus Auto–Protect Service (navapsvc) – Symantec Corporation – E:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 – Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) – Symantec Corporation – E:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 – Service: Norton Unerase Protection (NProtectService) – Symantec Corporation – E:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: SAVScan – Symantec Corporation – E:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: Symantec SPBBCSvc (SPBBCSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 – Service: Speed Disk service – Symantec Corporation – E:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 – Service: StyleXPService – Unknown owner – C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 – Service: Symantec Core LC – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
i przy kazdym uruchomienu komputera wlacza sie cos takiego
Prosze o pomoc
Odpowiedzi: 2
Wylącz przywracanie
Odinstaluj z dodaj/usun: MyWay
Wywal katalogi C:\Program Files\MyWay, C:\PROGRA~1\INSTAF~1
FIX:
Czyźby to Gator startujący z... kosza chronionego przez Nortona
Oproznij oczywiscie
Odinstaluj z dodaj/usun: MyWay
Wywal katalogi C:\Program Files\MyWay, C:\PROGRA~1\INSTAF~1
FIX:
O2 – BHO: myBar BHO – {0494D0D1–F8E0–41ad–92A3–14154ECE70AC} – C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 – BHO: InstaFinderK – {4E7BD74F–2B8D–469E–90F0–F66AB581A933} – C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL
O3 – Toolbar: My &Search Bar – {0494D0D9–F8E0–41ad–92A3–14154ECE70AC} – C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 – DPF: {1D6711C8–7154–40BB–8380–3DEA45B69CBF} (Web P2P Installer) –
Czyźby to Gator startujący z... kosza chronionego przez Nortona
O4 – Global Startup: GStartup.lnk = C:\RECYCLER\NPROTECT\00016249.exe
Oproznij oczywiscie
O4 – Global Startup: GStartup.lnk = C:\RECYCLER\NPROTECT\00016249.exe
Zaznacz to i wciśnij fix checked
Zaznacz to i wciśnij fix checked
Strona 1 / 1